Subject: RE: [xsl] disable-output-escaping From: Benjamin Franz <snowhare@xxxxxxxxxxx> Date: Mon, 1 Jul 2002 08:42:59 -0700 (PDT) |
On Mon, 1 Jul 2002, CROFT, MICHAEL wrote: > The & is a character that could be entered by the user, I have no control > over what they enter. It is a dynamic process. I need to tell the XML > parser to treat any text entered by the user as text. Ok. Then what you have is a _data entry_ issue, not an _output_ issue. There are a largish number of character 'values' that could be entered by a user that will render your XML _syntactically_ invalid. So, you _MUST_ have a 'prefilter' on your storage system to escape all characters that must be escaped (&, ', " and < would be good candidates) and _removes_ all characters that are flat illegal. You will need to consult the XML spec at W3C for particulars. And don't forget character encoding issues - XML by default uses UTF-8 - while many clients use either ISO8859-1 or whatever their desktop default is under windows. Mixing encodings is a Bad Thing (tm). Otherwise, your best bet is to Base64 encode _all_ data entered by the user for storage and post-process the base64 data back into the raw output you want. -- Benjamin Franz The only way of discovering the limits of the possible is to venture a little way past them into the impossible. ---Arthur C. Clarke XSL-List info and archive: http://www.mulberrytech.com/xsl/xsl-list
Current Thread |
---|
|
<- Previous | Index | Next -> |
---|---|---|
RE: [xsl] disable-output-escaping, CROFT, MICHAEL | Thread | RE: [xsl] disable-output-escaping, Wendell Piez |
Re: [xsl] disable-output-escaping, Wendell Piez | Date | Re: [xsl] XSL: For-Each Efficient o, Wendell Piez |
Month |